Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/typo3/neos@2.0.0-beta3
Typecomposer
Namespacetypo3
Nameneos
Version2.0.0-beta3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.0.4
Latest_non_vulnerable_version4.3.3
Affected_by_vulnerabilities
0
url VCID-eyk1-hqju-cfc2
vulnerability_id VCID-eyk1-hqju-cfc2
summary 
XSS Vulnerabilities
Neos is vulnerable to several XSS attacks. Through these vulnerabilities, an attacker could tamper with page rendering, redirect victims to a fake login page, or capture user credentials (such as cookies). With the potential backdoor upload an attacker could gain access to the server itself, to an extent mainly limited by the server setup.
references
0
reference_url https://www.neos.io/news/neos-sa-2015-002.html
reference_id
reference_type
scores
url https://www.neos.io/news/neos-sa-2015-002.html
fixed_packages
0
url pkg:composer/typo3/neos@2.0.4
purl pkg:composer/typo3/neos@2.0.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/neos@2.0.4
1
url pkg:composer/typo3/neos@2.3.3
purl pkg:composer/typo3/neos@2.3.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/neos@2.3.3
aliases GMS-2015-46
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eyk1-hqju-cfc2
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/typo3/neos@2.0.0-beta3